7 matches found
EUVD-2005-3332
Malware in sbrugna...
eBASEweb SQL injection vulnerability
Overview eBASEweb, an optional product in the eBASE series data management software from eBASE Co., Ltd., contains an SQL injection vulnerability as it does not completely sanitize user input data. eBASE Co., Ltd. has fixed this product and advised customers who have introduced this product to...
eBASEWeb SQL注入漏洞
eBASEWeb是一款基于PHP的WEB应用程序。 eBASEWeb不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'Comments.PHP'脚本对用户提交的WEB参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或可能操作数据库。 eBASEWeb 3.0 前没有解决方案提供: http://www.ebase.co.jp/product/ebaseweb/...
CVE-2005-3333
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors...
CVE-2005-3333
The CVE-2005-3333 issue affects eBASEweb 3.0 from eBASE Co., Ltd. The vulnerability is an SQL injection in eBASEweb 3.0 that enables a remote attacker to execute arbitrary SQL commands because user input is not fully sanitized. The JVNDB entry notes that this affects version 3.0 released before S...
CVE-2005-3333
SQL injection vulnerability in eBASEweb 3.0 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors...
[SA17301] eBASEweb Unspecified SQL Injection Vulnerability
TITLE: eBASEweb Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA17301 VERIFY ADVISORY: http://secunia.com/advisories/17301/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: eBASEweb 3.x http://secunia.com/product/5965/ DESCRIPTION: A...